STIGQter STIGQter: STIG Summary: Riverbed SteelHead CX v8 NDM Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019:

Riverbed Optimization System (RiOS) must terminate local shared/group account credentials, such as the Admin account is used, when members who know the account password leave the group.

DISA Rule

SV-77325r1_rule

Vulnerability Number

V-62835

Group Title

SRG-APP-000317-NDM-000282

Rule Version

RICX-DM-000002

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure RiOS to protect the confidentiality and integrity of system information at rest.

Navigate to the Device Management Console
Set the "Username" to "admin"
Set the "Password" to "password"
Click "Log In"

Navigate to Configure >> My Account
Select "Change Password"
Enter new password in "New Password:"
Enter new password in "Confirm New Password"
Click "Apply"
Navigate to the top right of the screen and click "Logout" to exit the current session

Navigate to the Device Management Console
Set the "Username" to "admin"
Set the "Password" to the new password
Click "Log In"
Verify that the administrator obtains access to the Device Management Console Home Page

Navigate to the top right of the screen and click "Logout" to exit the current session

Check Contents

Verify RiOS is configured to protect the confidentiality and integrity of system information at rest.

Navigate to the Device Management Console
Set the "Username" to "admin"
Set the "Password" to "password"
Click "Log In"

If login occurs and administrative access is allowed, this is a finding.

Vulnerability Number

V-62835

Documentable

False

Rule Version

RICX-DM-000002

Severity Override Guidance

Verify RiOS is configured to protect the confidentiality and integrity of system information at rest.

Navigate to the Device Management Console
Set the "Username" to "admin"
Set the "Password" to "password"
Click "Log In"

If login occurs and administrative access is allowed, this is a finding.

Check Content Reference

M

Target Key

2931

Comments